- Latest NewsUp-to-date articles giving you information on best practice and policy changes.
- Skills AuditsEvaluate your skills and knowledge, identify gaps and determine training needs.
Data protection
Whether you are storing staff or pupil data, or answering requests for information on the data you hold, you must do it lawfully. Ensure data management and processing is compliant with data protection law with the resources below.
-
A subject access request can be made by anyone but sometimes information must be withheld. Dai Durbridge explains
-
Lawyers Ian Deakin and Dai Durbridge answer questions about legal aspects of the recruitment process, including information requests, data retention, contracts and references
-
A data protection impact assessment is a legal requirement undertaken when data processing may result in a high risk to individual rights. Caroline Collins explains what they involve and how to do one
-
All staff are responsible for complying with data protection law. Caroline Collins offers questions different staff members can ask their data protection officer to clarify their understanding
-
Under the GDPR, do schools need consent to share information with third parties such as SISRA (who support pupil data tracking and analysis)?
-
Do schools need to seek confirmation that a parent has provided accurate information?
-
It is unlikely that a school could successfully argue that the production of publicity materials and the
-
Communicating how you will use personal data is most commonly done in a privacy notice. Lisa Griffin offers a checklist to help create your privacy notices and guidance on gaining consent
-
The GDPR requires you to maintain records of your data processing activities. Use this template and guide to map the personal data and information you hold, where it came from and who its shared with
-
Under the GDPR, many schools are required to have a DPO. Lisa Griffin provides guidance on the responsibilities of the role and who can and can’t undertake it